Active Directory Domain Controller To Client and Client Interaction


Design by Eng. Ahmad H Al-Mashaikh

Diagram components: DNS Server, Domain Controller, Global Catalog

Step labels in the diagram:

Step - 1 - DC Starts and Registers with DNS
Step - 4 - Source Universal Group Membership

Step - 1 - Allocate IP address from DHCP Server
Step - 2 - DC Locator checks local cache and queries DNS if necessary
Step - 3 - DC locator queries DNS and returns lists of DCs
Step - 4 - Establish secure channel with DC
Step - 5 - Kerberos Authentication
Step - 6 - Load Computer Group Policy
Step - 7 - Register Address Record in DNS
Step - 7 - Time Synchronization

Step - 2 - Pings Domain Controller to verify Availability
Step - 3 - Kerberos Authentication
Step - 5 - Acquire User Group Policy

The following services and their ports are used for Active Directory communication:

UDP and TCP Port 135 for domain controller-to-domain controller and client-to-domain controller operations.
UDP Port 389 for LDAP to handle normal queries from client computers to the domain controllers.
TCP and UDP Port 464 for Kerberos Password Change.
TCP and UDP Port 53 for DNS from client to domain controller and domain controller to domain controller.
UDP Port 88 for Kerberos authentication.
TCP Port 139 and UDP 138 for File Replication Service between domain controllers.
TCP and UDP Port 445 for File Replication Service.
TCP Port 3268 and 3269 for Global Catalog from client to domain controller.

Opening the above ports in the firewall between client computers and domain controllers, or between domain controllers, will enable Active Directory to function properly.
DORA between server and client

DORA is the process used by DHCP (Dynamic Host Configuration Protocol) to provide an IP address to the client/host machines. It has four main stages, and the client obtains its IP address from the centralized server.

D - Discover
O - Offer
R - Request
A - Acknowledge

The Discover message is the first message in the DORA process. It is used to find the DHCP server in the network.
DHCP Offer - UNICAST: When the server receives the Discover request, it responds to the client with a DHCP Offer.
DHCP Request - BROADCAST: The host receives the Offer packet and replies with a Request message.
DHCP Acknowledge - UNICAST: The server gets the Request from the host and sends this message as its reply to the host.

Diagram: Client - PC and DHCP Server

D - Discover: Src: 0.0.0.0, UDP bootpc (68); Dst: 255.255.255.255, UDP bootps (67)
O - Offer: Src: 10.10.10.1, UDP bootps (67); Dst: 255.255.255.255, UDP bootpc (68)
R - Request: Src: 0.0.0.0, UDP bootpc (68); Dst: 255.255.255.255, UDP bootps (67)
A - Acknowledge: Src: 10.10.10.1, UDP bootps (67); Dst: 255.255.255.255, UDP bootpc (68)
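
The DORA exchange described above can be checked from captured DHCP payloads. The following Python code is an added example, not part of the original page: it parses each message, records the order of message types per transaction ID, and reports Offer or Acknowledge messages whose server identifier is not on an allowlist. The server 10.10.10.1 comes from the diagram; the function names, the other addresses and the sample messages are constructed for illustration.

```python
import socket

MAGIC = b"\x63\x82\x53\x63"                                  # cookie before the options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}  # option 53 values

def parse_dhcp(payload):
    """Extract the fields the DORA exchange depends on from a DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    msg = {"xid": int.from_bytes(payload[4:8], "big"), "type": None, "server_id": None,
           "yiaddr": socket.inet_ntoa(payload[16:20])}   # address being handed out
    i = 240
    while i < len(payload) and payload[i] != 255:        # 255 = end option
        if payload[i] == 0:                              # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, value = payload[i], payload[i + 2:i + 2 + payload[i + 1]]
        if code == 53 and len(value) == 1:               # DHCP message type
            msg["type"] = TYPES.get(value[0], "OTHER")
        elif code == 54 and len(value) == 4:             # server identifier
            msg["server_id"] = socket.inet_ntoa(value)
        i += 2 + len(value)
    return msg

def audit(payloads, allowed_servers):
    """Return ({xid: [types in order]}, [findings for replies from unlisted servers])."""
    sequences, findings = {}, []
    for raw in payloads:
        m = parse_dhcp(raw)
        sequences.setdefault(m["xid"], []).append(m["type"])
        if m["type"] in ("OFFER", "ACK") and m["server_id"] not in allowed_servers:
            findings.append(f"{m['type']} of {m['yiaddr']} from unlisted server {m['server_id']}")
    return sequences, findings

def build(op, xid, msg_type, yiaddr="0.0.0.0", server_id=None):
    """Build a minimal DHCP payload (constructed test data, not a real capture)."""
    fixed = bytes([op, 1, 6, 0]) + xid.to_bytes(4, "big") + b"\x00\x00\x80\x00"  # flags: broadcast
    fixed += bytes(4) + socket.inet_aton(yiaddr) + bytes(8 + 16 + 64 + 128)
    sid = bytes([54, 4]) + socket.inet_aton(server_id) if server_id else b""
    return fixed + MAGIC + bytes([53, 1, msg_type]) + sid + b"\xff"

SAMPLE = [                                              # constructed exchange
    build(1, 0x1234, 1),                                # Discover
    build(2, 0x1234, 2, "10.10.10.50", "10.10.10.1"),   # Offer from the page's server
    build(2, 0x1234, 2, "10.10.10.77", "10.10.10.66"),  # Offer from an unlisted server
    build(1, 0x1234, 3, server_id="10.10.10.1"),        # Request
    build(2, 0x1234, 5, "10.10.10.50", "10.10.10.1"),   # Acknowledge
]
```

Calling audit(SAMPLE, {"10.10.10.1"}) returns the message order for the transaction together with one finding for the second Offer.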
